A long-tail intrusion is a network intrusion that occurred in the past and has persisted for some time.
Long-tail intrusions include advanced persistent threats (APT). However, an intrusion achieved by simpler methods and malware may also serve as the starting point of a long-tail intrusion, which is then continued by downloading new code, such as Trojans hidden by rootkits and code targeting zero-day vulnerabilities.
Hackers of all stripes use these methods to gain long-term access for web crime, legitimate law enforcement, government spying and hacktivism. Access to the actual targeted data or network resource may take some time, during which the attacker could get other information from and about the network that may be valuable in itself both before and afterwards.
Long-tail intrusions are a considerable problem in security, especially for those relying solely on tier 1 security such as a firewall or intrusion prevention, which is focused solely on preventing initial entry to a network. In organizations with 5000 computers or more, 90 percent have existing breaches, on average, and these breaches may exist undetected for more than a year.
Tier 2 security, such as breach detection systems (BDS), focuses on malicious activity within the network it protects. A BDS determines possible breaches by differing combinations of heuristics, traffic analysis, risk assessment, safe marked traffic, data policy understanding and violation reporting. BDS are sometimes able to detect breaches as they occur, but the systems are designed to identify existing intrusions.
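One heuristic a tier 2 system could apply to traffic data to surface an intrusion that has already persisted, shown as an added example (not from the original article or any BDS product): flag internal hosts that contact the same external address on many distinct days at near-constant intervals. The flow records, addresses, function names and thresholds are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev


def build_sample_flows():
    """Constructed flow records: (timestamp, internal host, external destination)."""
    flows = []
    # Host A: one contact per day at 03:00 for 30 days (long-lived, regular).
    for day in range(1, 31):
        flows.append((datetime(2014, 11, day, 3, 0), "10.0.0.5", "203.0.113.10"))
    # Host B: a handful of contacts on scattered days (short-lived).
    for day, hour in [(2, 9), (3, 14), (17, 11)]:
        flows.append((datetime(2014, 11, day, hour, 0), "10.0.0.8", "198.51.100.7"))
    # Host C: 20 days of contact at varying hours (long-lived, irregular).
    for day in range(1, 21):
        flows.append((datetime(2014, 11, day, (day * 7) % 24, 0), "10.0.0.9", "192.0.2.20"))
    return flows


def long_lived_channels(flows, min_days=14, max_jitter=0.1):
    """Return (host, dest, distinct_days, jitter) for persistent, regular channels.

    jitter is the standard deviation of the gaps between contacts divided by
    their mean; values near 0 mean machine-like regularity.
    """
    seen = defaultdict(list)
    for ts, host, dest in flows:
        seen[(host, dest)].append(ts)

    findings = []
    for (host, dest), stamps in seen.items():
        stamps.sort()
        days = len({ts.date() for ts in stamps})
        if days < min_days or len(stamps) < 3:
            continue  # not persistent enough to judge
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        jitter = pstdev(gaps) / avg if avg else 0.0
        if jitter <= max_jitter:
            findings.append((host, dest, days, round(jitter, 3)))
    return sorted(findings)


if __name__ == "__main__":
    for finding in long_lived_channels(build_sample_flows()):
        print(finding)
```

A hit from this heuristic is a lead for investigation rather than proof of compromise, since scheduled updates and backups also produce regular long-lived traffic.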
This was last updated in November 2014 from techterms.com
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse